From ceb06c6e622a0a15e51ad3823847659845b0646a Mon Sep 17 00:00:00 2001
From: Matthias <matthias.mair@oewf.org>
Date: Thu, 9 Dec 2021 23:54:02 +0100
Subject: [PATCH] require MFA for admin if set

---
 InvenTree/InvenTree/urls.py | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/InvenTree/InvenTree/urls.py b/InvenTree/InvenTree/urls.py
index 7b41cfc7e0..e48fbc299e 100644
--- a/InvenTree/InvenTree/urls.py
+++ b/InvenTree/InvenTree/urls.py
@@ -129,10 +129,6 @@ backendpatterns = [
     url(r'^auth/', include('rest_framework.urls', namespace='rest_framework')),
     url(r'^auth/?', auth_request),
 
-    url(r'^admin/error_log/', include('error_report.urls')),
-    url(r'^admin/shell/', include('django_admin_shell.urls')),
-    url(r'^admin/', admin.site.urls, name='inventree-admin'),
-
     url(r'^api/', include(apipatterns)),
     url(r'^api-doc/', include_docs_urls(title='InvenTree API')),
 
@@ -165,6 +161,11 @@ frontendpatterns = [
     # plugin urls
     get_plugin_urls(),  # appends currently loaded plugin urls = None
 
+    # admin sites
+    url(r'^admin/error_log/', include('error_report.urls')),
+    url(r'^admin/shell/', include('django_admin_shell.urls')),
+    url(r'^admin/', admin.site.urls, name='inventree-admin'),
+
     # DB user sessions
     url(r'^accounts/sessions/other/delete/$', view=CustomSessionDeleteOtherView.as_view(), name='session_delete_other', ),
     url(r'^accounts/sessions/(?P<pk>\w+)/delete/$', view=CustomSessionDeleteView.as_view(), name='session_delete', ),